You are here

Automated assessment of disclosure risk


OBJECTIVE: Develop algorithms to automatically categorize and quantify the security risks from disclosure of information. DESCRIPTION: Information that is released from a security domain, either intentionally as part of approved information sharing, or through malicious or accidental covert channels, can cause harm by revealing secrets. In practice, efforts to control such leaks in information processing systems are costly in terms of additional human effort and often impair the usability and timeliness of information sharing. For this reason, it is important to accurately assess the risk associated with different types of information, so that effort is focused on the most damaging leaks. For some types of information, such as passwords or encryption keys, the consequences of leaking even a few bits of information can be very severe. The goal of this effort is to develop automated support for reasoning about the risks associated with information disclosure. Using tools such as information theory, the theory of knowledge, and probability, the researchers will develop principled methods by which the degree of exposure, due to such a release, can be assessed. This research will produce a taxonomy of information disclosure risks, and a model of risk within a subset of the identified categories. The model should address the problem of disclosure through logical and/or statistical inference, and should take into account the contextual information that enables inference. The researchers should provide a practical approach for identifying such contextual information and should demonstrate how to factor in the knowledge that is probably already available to potential adversaries. The result of this research will be the development of algorithms and methods for categorizing information and for automatically estimating the risk that information will fall into a subset of the identified categories. The researchers shall use the methods to develop practical tools that can compute disclosure risk for a given piece of information and a large number of given secrets. The researchers shall address the problem of cumulative risk due to disclosure in a sequence of releases or compromises. Possible military and government applications of this technology include: (1) Assessment of disclosure risk for"data at rest", (2) quantitative assessment of the degree of compromise for one secret caused by release of related information, (3) quantitative estimates of the effectiveness of security counter-measures (such as disinformation, or the introduction of"decoy"informationinformation that appears to be sensitive, but is actually not). PHASE I: Survey existing research on quantitative measures of risk due to information disclosure. Develop a taxonomy of categories of information disclosure. Develop a model of information disclosure for categories, and quantitative measures of disclosure risk. Design methods for automatic categorizing information according to the type of risk, and algorithms for automatically computing quantitative risk. PHASE II: Use the algorithms and methods developed in Phase I as the basis for a prototype tool to automatically assess disclosure risk. Develop scenarios for information disclosure, and find or create realistic data for use with these scenarios. Demonstrate the developed tools using the scenario data. Create a detailed report showing the effectiveness of the tools in the context of the scenarios. PHASE III: Secure computer systems, cross-domain information sharing. Controlled disclosure of proprietary corporate information, privacy of individual health or financial information, protection of intellectual property. REFERENCES: 1."Deciding knowledge in security protocols under equational theories"Martin Abadi and Veronique Cortier, INRIA, 2."Knowledge management: securing the future"Ebrahim Randeree, Journal of Knowledge Management, Vol. 10, No. 4, 2006, pp. 145-156. 3."Assessing Disclosure Risk in Anonymized Datasets"Alexei Kounine and Michele Bezzi, 4."Data-Centric Quantitative Computer Security Risk Assessment"Brett Berger, SANS Institute, 2003,
US Flag An Official Website of the United States Government